GDPR (General Data Protection Regulation) is yet another example of badly worded, badly implemented legislation that not only costs 'everyone' time and money but generates a whole ecosystem of 'GDPR Consultants' eager to cash in on this nonsense. Data Protection is a good idea in principle especially where you data matters such as Local Government, The Police, Government Agencies.... except of course they are Exempt. Anyhow, for everything else where GDPR applies the premise is simple - For you to know what we store, and have an option to review that or have it removed.
What we Collect
This one is fairly obvious, anything you provide to us on our websites, by phone or email is stored and processed to service your requests. Some information is short lived such as 'contact us' data which remains only as long as required to 'contact' you but other information such as your position within a company and request history remains for the duration of our relationship with that company and 36 months after any relationship ends. Your email's to us are kept indefinitely and call recordings are kept for 5 years. Helpdesk requests are kept for 36 months after any commercial or legal relationship ends.
Third Party Transfer
We will in some cases transfer your personal information to a third party where that third party is either involved in servicing you as a customer, where a court requests we do so, or to aid in a criminal investigation. A good example here would be that you order Satellite Internet from us, and we pass your name, address and phone number to a contractor to install the dish, or your details to a domain registrar for your domain name.
Your Right of access
If you want to know what exactly what 'Personal' information we keep then you are at liberty to request this from your account manager, although you will need to convince us of your identity.
Your right of removal
If you want your 'Personal' information removed then we can do this providing our relationship with your company has ended and we no longer have any legitimate reason to contact you. We will in most cases contact the company in question to confirm/advise your removal request.
Common Sense Attribution
We're not a well known social media company, we're a professional business and as such as have a legitimate reason to contact you in relation to the business we conduct. If you contact us and ask us to contact you then we will (or we'll do our best) and if you subsequently go on to purchase our products and services, or otherwise become involved in a relationship with us then we'll contact you if and only if the need arrises. We may contact you because a third party has requested this, for example if your having an issue contacting one of our customers and we'll do this in good faith until told otherwise.
There are situations especially where contact forms are concerned where we may contact you without your consent. This occurs where someone feels the need to fill in a contact form for someone else. This isn't a common occurrence but does happen from time to time and we have no method to 'validate' a contact form actually came from the person named but we'll act in good faith until proven otherwise.
If you wish to exercise your 'right' under the GDPR then you need only contact us via our website, the helpdesk, email, phone or carrier pigeon and we'll respond within a timely manner but please consider that we are obligated to validate your identity before disclosing or removing any personal information.
We hope this is the shortest GDPR policy in the world and makes sense to everyone - if not please let us know. We won't be sending you an endless stream of panicking emails demanding your permission to contact you, if you are or were a customer then we have a legitimate interest in contacting you and so we will if we need to.
E&OE (c) 2018 GEN